The news: Just over two weeks following the release of iOS 14.4.1, Apple has already dropped iOS 14.4.2.
- The update contains important security updates, according to the release notes (see below)
- Apple is currently testing iOS 14.5 with developers and public beta testers: new features include ‘Mask ID,’ fresh emojis and AirTags support
Apple’s only referenced change in the update is a fix for a WebKit vulnerability that may have been exploited:
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been actively exploited.
Description: This issue was addressed by improved management of object lifetimes.
CVE-2021-1879: Clement Lecigne of Google Threat Analysis Group and Billy Leonard of Google Threat Analysis Group